NAI Changes Course

Intrusion prevention and wireless drive the security firm's strategy.

The year 2003 was an interesting one for Network Associates Inc., to say the least.

NAI began by making two major acquisitions, of Entercept Security Technologies Inc. and IntruVert Networks Inc., then endured months of uncertainty, shareholder lawsuits and bad press surrounding the continued investigations by the federal government into the companys accounting practices.

CEO George Samenuk steered NAI through it all and has now bet the future of the Santa Clara, Calif., company on a new strategy centered on intrusion prevention. Senior Editor Dennis Fisher sat down with Samenuk for an exclusive interview last month at the RSA Conference to discuss the companys future, plans for more acquisitions, Microsoft Corp.s horning in on the intrusion prevention space and a suggestion Samenuk made for securing government networks.

Last year was a busy one for you, with the acquisitions and the shift to focusing on intrusion prevention. How is the adjustment to the new strategy progressing?

Its really going well. Network blocking is the thing thats going to drive the future of this industry. You cant just detect things anymore. Thats not enough. There has to be more to it. Being able to proactively stop these new threats is key. You know, we acquired two great companies, Entercept and IntruVert, last year, and were integrating them into the product line. Entercept will be embedded in the McAfee end-point security in the June time frame. So its moving along well. A lot of things are going well.

Obviously anti-virus is where you guys made your name. But with all the intrusion prevention technology, is that still going to be a big part of what NAI does?

It will always be a part of what we do. But were slowly but surely getting away from just AV. Were building on our network expertise. Thats what the acquisitions were all about, gaining some expertise in other areas.

Is there room for more acquisitions in the near future?

Sure. Were sitting on $900 million. Were looking around right now, but were very picky. Content filtering and wireless security are areas Id like to see us get into. There are a lot of good companies out there.

In the past, NAI and some other big security companies have grown very quickly by making a lot of acquisitions just to get the quick revenue growth, and thats hurt the company later on. That doesnt seem to be your strategy this time around.

No, no. Ive seen too many companies just buying stuff and then a year later it doesnt work, and youre stuck with it. Cash is a good thing. I sleep real well with $900 million in the bank. Its not just a safety blanket. It gives us flexibility. We have the financial flexibility to look for acquisitions that make sense and go after them.

You mentioned wireless security. I know youve done some work in terms of handset and PDA security, but what about wireless LAN security? Is that an area youre interested in?

Absolutely. I mean, lets not kid ourselves. Our kids wont even know what wires are. Were rolling out rogue [access point] detection. You have all of these companies worried because their employees are just setting up access points without telling anyone.

Im sure you heard about the things Bill Gates talked about in his keynote. The behavior blocking and active-response capabilities are pretty close to some of the things NAI does now. Does it concern you that Microsoft will be giving this technology away soon?

Not really. Its a good strategy for them. Theyre on the right path. The vision is very good, but theyll need partners to pull it off. Our strategy is to go to the ISPs and provide products that are at their level. Just because Microsoft is going to put these things in their products doesnt mean the ISPs will go buy it now.

I know you spend a lot of time talking to the folks in Washington, especially at the Department of Homeland Security. Do you feel like theyre making progress there in terms of sharing information with industry?

Theyve made amazing progress at DHS. Amit [Yoran, head of the National Cyber Security Division] is doing a great job. Amit is very impressive. Im really happy for him. Hes the right guy for that job because he has the experience in the private sector and with the government. Theres been a lot of progress made, but theres a lot more to do. I suggested to them that the government should set some standards for securing the networks at government agencies, and theyre going to look at that. But Im impatient. I want the government to hurry up. They need to move faster.